Interne Audit van de Vlaamse Administratie (IAVA)

The IAVA is the main body within the Flemish Government responsible for performing all internal audit related activities. This includes financial, operational, compliance and IT audits. Based on the findings from these audits the IAVA will formulate recommendations to improve the service offered to Flemish citizens by the Flemish Government.

Who should attend?
Anyone taking or considering taking the ISACA CISM/CISA examination; anyone seeking an overall understanding of essential information systems or security management domains.  The Certified Information Security Manager and Certified Information Systems Auditor certificates are ISACA’s strong credentials earned by information system, security management and security audit professionals. With a growing demand for professionals possessing information security skills, CISM and CISA have become  preferred certification programs by individuals and organizations around the world.

For more information and registration, visit the isaca.be website (look under Certification Boot Camps).

To counter these inhibitions Belgian Customs have introduced the AEO (Authorized Economic Operator) certificate. This certificate is specifically created to allow organizations that fulfill the criteria to take advantage of a number of simplifications and privileges:

• Less physical checks and verifications
• Requirements that have been verified upon certification are not checked again
• If checks or verification does take place, the location can be chosen
• For more advantages, see the fiscus.fgov.be AEO site

Services by delITad

While it is clear the certificate has its advantages, attaining it requires time and in-depth knowledge of the requirements. You may not have this knowledge in-house or simply lack the time to prepare. Enter delITad: we are specialized in aiding companies to attain AEO certification, either by offering our successful coached approach or taking the work out of your hands by preparing all necessary requirements for certification.

Want to learn more? Have a look at our AEO Implementation Methododogy.

-          Am I still in full control of my IT department?

-          Am I still in compliance with a regulatory requirements?

-          What challenges am I facing in the near future?

As IT manager these questions are your responsibility, but the answers may not be so obvious. This is where delITad can be at your service. We offer our High Level IT Audit aimed specifically at getting a fast, no nonsense view of the state of your IT department including its main processes.

The total approach of the audit takes place according to these phases:

Analyze and understand:

To get a good picture of the functioning of the IT department we need to get a high level understanding of the strengths and weaknesses. To attain this information we will detail the environment surrounding the IT processes. We create an overview of your applications, sysels and platforms and link this to the processes they support.

Determine the Risks

It is important to note that at this stage we will only assess the Risk Profile. This means we will not yet assess the effectiveness of risk controls but we will focus on the so-called Inherent Risk to the IT environment.

Determine the Controls

Following the risk assessment we will try to get insight in the way the risks we identified in the previous stage are mitigated. This will concentrate around conducting interviews. At this stage we are reviewing the design of the controls: we define the control processes based on what we are told. In the next phase we move forward and start to perform tests of selected controls.

Risk and Control Matrix

The risks and controls will be illustrated in a matrix. This matrix will show the residual risk (controls versus risk) in terms of HIGH – MEDIUM – LOW for all IT areas. In the audit report this matrix will be discussed in great detail.

Reporting and Estimate

In the final phase of our audit a prioritized list will be created in collaboration with the IT manager focusing on all areas that need to be  addressed based on the results of our high level IT audit. This includes an estimate on the possible number of days that would be needed to attain a reasonable level of assurance on the specific control.

Newspapers and news sites today are full of reports of poorly protected information or stolen data from all possible institutions such as governments and large multinationals. The possibilities of damage to reputations and tangible and intangible losses are real. This is because information is more compact, more digital and more mobile than ever before.

Not only loss or theft is a threat to your organization. Does your organization still have access to its information after a power failure, a disaster or a major hardware crash? What are the risks and consequences for the continuity of your company when that or something similar happens?

It is crystal clear that managing and securing your information is even more important today than ever before. In order to ensure that your information is available and accessible under all circumstances a reliable methodology for managing your internal information is indispensable.

What is an Internal Information System?

An internal information system is an established method by which you map all information flows within your company, start thinking about the risks associated with them and how to limit these risks by taking the correct measures.

This means:

• Performing a risk analysis
• Developing control measures for:
  • Security of your HR processes
  • Securing your IT infrastructure
  • Access Security
  • Backup and recovery procedures
  • …
• Structural monitoring of your processes and information flows
• Continuous improvement of your information system

What are the benefits for my organization?

When you set up an information system will give you a clear picture of where your organization stands in the context of information security. You get a better understanding of possible risks to your business and its continuity in the event of unforeseen circumstances or emergencies, and more importantly, you know what to do if something does go wrong.

With a well-implemented information management system, you have an efficient organization that controls its information. You are aware of the risks to your organsiation and have effective measures taken to hedge. You can external stakeholders such as customers and shareholders find the certainty that they do business with a strong partner that his affairs in order.

DelITad, a reliable partner

Establishing an internal information system can be done independently. However, it is possible that the specific knowledge required for such a comprehensive and integrated system is not present in your organization. DelITad allows you to take on the information system project within your organization under supervision by our experts and consultants.
Delitad has extensive experience in assisting organizations in performing risk analysis, implementing risk reducing measures, and assisting companies in all sorts of processes that contribute to the optimization of the organization.

For more information, please contact us at or call +32 3 4513660 info@delitad.com.

ISO 9001:2008 is a standard for quality management aiming to achieve a better understanding of business processes and where possible to try and improve efficiency and productivity. In the past organisations where equipped with their own quality management system which resulted in varying definitions of quality. It is no longer necessary to create stumbling blocks within your organisation: thanks to ISO 9001:2008 there is a uniform model for quality management systems (QMS) that supports your company goals and has full international recognition.

But what does this mean for my company?

Contrary to common conception ISO 9001:2008 is not a bulky collection of manuals aiming to please the quality manager. For every company that has clearly defined its business processes ISO 9001:2008 offers the ideal guideline to improve efficiency. Most certificates are based on the “as is” situation and do not require complete reengineering of business processes. Therefore the advantages of ISO 9001:2008 are primarily internal: management has a reliable QMS that clearly maps all business processes and allows for continuous measurement and improvement.

On top of the advantages for your organisation internally you will also give a clear signal to all external stake holders. With the certification in hand you can show customers and other relations that your company aims to continuously improve and to achieve this has a QMS certified with one of the most renowned standards in international business. Finally, an improved internal organisation will not remain unnoticed by your customers and will result in higher customer satisfaction.

DelITad: An Experienced Partner

DelITad aspires to be an alternative for the traditional big names in consultancy. Our focus lies with a pragmatic approach to map, assess and where possible improve your IT and business processes. Our added value does not only entail advice: our strength is the ability to provide a full implementation of our recommendations. Our track record is not limited to Belgium. This is indicated by the recent implementation at the Science Park for Transtrack International.

A Number of References:

• Infrabel (Belgian Railways)
• Ernst & Young
• IS4U (www.IS4U.be)
• RMC (www.RMC.be)
• Crosspoint Solutions (www.crosspoint.be)

For more information do not hesitate to contact us via info@delitad.com or by phone: +32 3 4513660.